Introduction Over the span of the previous two blog posts in the series, I showed why the majority of Cobalt Strike (CS) BOFs are incompatible with Brute Ratel C4 (BRC4) and what you can do about it. I also presented CS2BR itself: it's a tool that makes patching BOFs to be compatible with BRC4 a … Continue reading Introducing CS2BR pt. III – Knees deep in Binary
Category: Red Team
Most common Active Directory misconfigurations and default settings that put your organization at risk
Introduction In this blog post, we will go over the most recurring (and critical) findings that we discovered when auditing the Active Directory environment of different companies, explain why these configurations can be dangerous, how they can be abused by attackers and how they can be mitigated or remediated. First, let’s start with a small … Continue reading Most common Active Directory misconfigurations and default settings that put your organization at risk
A Beginner’s Guide to Adversary Emulation with Caldera
Target Audience The target audience for this blog post is individuals who have a basic understanding of cybersecurity concepts and terminology and looking to expand their knowledge on adversary emulation. This post delves into the details of adversary emulation with the Caldera framework exploring the benefits it offers. By catering to a beginner to intermediate … Continue reading A Beginner’s Guide to Adversary Emulation with Caldera
Unlocking the power of Red Teaming: An overview of trainings and certifications
NVISO enjoys an excellent working relationship with SANS and has been involved as Instructors and Course Authors for a variety of their courses: For SEC511, Continuous Monitoring and Security Operations, Maxim Deweerdt is a Certified Instructor For SEC575, iOS and Android Application Security Analysis and Penetration Testing, Jeroen Beckers is the Course Author For SEC598, … Continue reading Unlocking the power of Red Teaming: An overview of trainings and certifications
Introducing CS2BR pt. II – One tool to port them all
Introduction In the previous post of this series we showed why Brute Ratel C4 (BRC4) isn't able to execute most BOFs that use the de-facto BOF API standard by Cobalt Strike (CS): BRC4 implements their own BOF API which isn't compatible with the CS BOF API. Then we also outlined an approach to solve this … Continue reading Introducing CS2BR pt. II – One tool to port them all
Introducing CS2BR pt. I – How we enabled Brute Ratel Badgers to run Cobalt Strike BOFs
If you know all about CS, BRC4 and BOFs you might want to skip this introduction and get right into the problem statement. You can also jump right to the solution. Introduction When we conduct Red Team assessments at NVISO, we employ a wide variety of proprietary and open source tools. One central component in … Continue reading Introducing CS2BR pt. I – How we enabled Brute Ratel Badgers to run Cobalt Strike BOFs